news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	E3CC4BB2-C7CC-	Exploit for CVE-2026-8461_E3CC4BB2-C7CC-5E49-98CD-CB9550BC8BC3 CVE-2026-8461 PoC !WARNING This PoC is entirely generated by AI. Usage: bash python exploitcve20268461.py --baseline --frames 25 -o baseline.avi An...	N/A	N/A	Jun 23, 2026	GITHUBEXPLOIT
NONE	HACKREAD:391B1A...	The Rise of AI-Powered Academic Fraud: Beyond Traditional Plagiarism_HACKREAD:391B1A77A3203FFA17E10595BE175BCF AI has changed academic fraud. It now creates original-looking work, fake sources, and hidden misconduct that schools must learn to detect.	N/A	N/A	Jun 23, 2026	HACKREAD
NONE	MALWAREBYTES:E3...	Inside the dark web: Stolen identities for 95¢, malware, and scams-for-hire_MALWAREBYTES:E39A56D287CB798ED35F261B9721F323 Most people have heard of the dark web, but few understand what it actually looks like or what goes on there. To separate fact from fiction, our re...	N/A	N/A	Jun 23, 2026	MALWAREBYTES
NONE	HACKREAD:A347AF...	‘Cordyceps’ CI/CD Flaw Exposes Microsoft, Google, Apache Repos to Pipeline Hijacking_HACKREAD:A347AF3E1F9C0D0966C01F83C68F00C9 Novee Security reveals Cordyceps, a CI/CD vulnerability in GitHub Actions workflows that let anonymous users poison builds and expose tokens across...	N/A	N/A	Jun 23, 2026	HACKREAD
NONE	KREBS:558FBF80A...	Scattered Spider Hackers Plead Guilty on Day 1 of Trial_KREBS:558FBF80A49DC11494BE85348DDCC692 Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled **Transport for L...	N/A	N/A	Jun 23, 2026	KREBS
NONE	THN:C2C90355361...	FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation_THN:C2C9035536172E70A97387AE750E6A8D ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJkhDD5qINhfAhBFXG2C13raQF6T6zAOmnHlArhnLUP5z0ifBzpyq6M_4n11cgynQfZW0mxJWnYU-TDYSpKQ...	N/A	N/A	Jun 23, 2026	THN
MEDIUM 6.5	CVE-2026-52673	CVE-2026-52673_CVE-2026-52673 SQL Injection vulnerability in Cboard v.0.4.2 and before allows a remote attacker to execute arbitrary code via the getDimensionsValues component	n/a	n/a n/a	Jun 23, 2026	CVE
MEDIUM 6.5	CVE-2025-55639	CVE-2025-55639_CVE-2025-55639 GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gf_isom_add_track_kind() function at isomedia/isom_write.c. This vulne...	n/a	n/a n/a	Jun 23, 2026	CVE
LOW 3.7	CVE-2026-56968	CVE-2026-56968_CVE-2026-56968 GNU SASL before 2.2.4 lacks sanitization of a short challenge in _gsasl_ntlm_client_step in the NTLM client, which could result in memory disclosur...	GNU	GNU SASL	Jun 23, 2026	CVE
MEDIUM 5.7	CVE-2026-56117	dhcpcd Heap Use-After-Free via Control Socket Handling_CVE-2026-56117 dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c th...	NetworkConfiguration	dhcpcd	Jun 23, 2026	CVE